Hospitals paid almost $100,000 to a ransomware attacker

Healthcare is becoming particularly interesting to ransomware attackers because of its poor cyber-security posture.

Shares

Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon as possible in order to deliver great patient care. These are the conclusions released in a new report entitled McAfee Labs Threats Report: September 2016.

It says that hospitals paid almost $100,000 (£75,500) to a specific bitcoin account. In the first half of 2016, one ‘actor’ (it could be a single hacker, but more likely a group) apparently received $121 million in ransomware (189,813 bitcoin), targeting various industries. This actor, according to the report, has had profits of $94 million in the first six months of this year.

“With cyber security threats including ransomware rising at such a rapid rate, organisations are having to come to terms with the fact that it’s fast becoming a question of ‘when’, not ‘if’, they suffer a breach,” said Raj Samani, CTO EMEA Intel Security.

“As such, to stay ahead of cyber criminals, companies must think beyond simply implementing protection strategies, to putting systems in place to rapidly detect threats and correct their systems in the event of an attack. Industries such as financial services and retail have been aware of this threat for some time and have largely taken measures to implement such strategies. It’s crucial that the likes of healthcare and manufacturing pick up the pace with cyber security.

Vulnerabilities in these sectors provide hackers with access to extremely personal, valuable and often irreplaceable data and IP.”